Releases: github/gh-aw
Release list
v0.82.7
🌟 Release Highlights
This release delivers significant reliability improvements for ARC/DIND runners, MCP Gateway upgrades, expanded checkout authentication, and a wave of bug fixes and documentation enhancements.
✨ What's New
-
Safe-output GitHub App checkout auth — Workflows can now authenticate checkouts in
safe_outputsjobs using a GitHub App (checkout.safe-output-github-app), enabling secure, credential-scoped repository access without using personal tokens. (#44444) -
MCP Gateway v0.4.1 — Upgraded the embedded MCP Gateway (
mcpg) to v0.4.1, bringing the latest guard-policy fixes and sink-visibility support to all agentic workflow runs. (#44403) -
Smoke tests for
model: smallalias — A new daily smoke workflow validates that themodel: smallalias resolves correctly end-to-end, catching regressions before they reach production. (#44288) -
Decentralized
label_commandauto-permissions — The compiler now automatically grantspull-requests:readtopre_activationjobs whenlabel_commandis used onpull_requestevents, eliminating a common manual permission boilerplate. (#44282) -
Formal checkout behavior spec — Agent and
safe_outputsjob checkout behavior is now formally specified, giving workflow authors a clear contract for credential availability and repo access. (#44225)
⚡ Performance
- Faster
run-scriptexpression guardrail — CutYAMLGenerationoverhead in therun-scriptexpression guardrail, improving compilation throughput for workflows with many run steps. (#44438)
🐛 Bug Fixes & Improvements
-
ARC/DIND runner fix — Propagating
RunnerConfigto the detection job resolves aENOENTerror on ARC-dind Copilot runners. (#44445) -
Sandbox firewall directory permissions — Root-owned sandbox firewall directories are now reclaimed on reused runners, preventing
EACCESerrors on subsequent runs. (#44276) -
Copilot CLI hang on exit fixed — Reduced the post-completion idle watchdog timeout and added cleanup timeouts, preventing the Copilot CLI from hanging after workflow completion. (#44254)
-
Elixir runtime
erlexposure —erlis now correctly exposed in the AWF sandbox when usingruntimes.elixir. (#44283) -
Nested repo-memory glob matching — Fixed glob matching for memory files stored in nested subdirectories. (#44215)
-
Claude startup failure hardening — Empty-log Avenger runs no longer fail silently; Claude startup failures are now detected and surfaced correctly. (#44332)
-
Safe-outputs graceful fallback —
GH_AW_SAFE_OUTPUTSis now correctly passed to the "Parse agent logs" step, activating the graceful fallback path when needed. (#44354) -
Engine driver schema broadened — The
engine.driverschema description now matches the actual runtime multi-language support, reducing schema validation false positives. (#44355)
📚 Documentation
-
Sink visibility field — Documented the
sink-visibilityfield in the MCP Gateway write-sink guard policy (spec v1.15.0) and tightened guard-policy prose. (#44373, #44305) -
--force-public-reposproxy flag — The--force-public-reposflag for theproxysubcommand is now documented. (#44360) -
CLI flag alignment —
audit,status,experiments, and legacy--disable-*flags are now consistently documented with their deprecation behavior. (#44312) -
Custom model pricing FAQ — Added a FAQ entry covering custom model pricing in agentic workflow frontmatter. (#44450)
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
awmgmcpg
To allow these domains, add them to the
network.allowedlist in your workflow frontmatter:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
Generated by 🚀 Release · 36.5 AIC · ⊞ 7.6K
What's Changed
- add smoke-copilot-small workflow to validate
model: smallalias resolution by @pelikhan with @Copilot in #44288 - Fix repo-memory glob matching for nested memory files by @pelikhan with @Copilot in #44215
- Compiler: auto-grant pull-requests:read to pre_activation for decentralized label_command on pull_request events by @pelikhan with @Copilot in #44282
- fix: reduce post-completion idle watchdog and add cleanup timeouts to prevent Copilot CLI hang on exit by @pelikhan with @Copilot in #44254
- docs(parser): document missing internal dependencies in README by @pelikhan with @Copilot in #44308
- docs: document sink-visibility field in MCP Gateway write-sink guard policy (spec v1.15.0) by @lpcox with @Copilot in #44305
- docs: document --force-public-repos flag for proxy subcommand by @lpcox in #44360
- Copilot/document sink visibility field by @lpcox in #44373
- [linter-miner] linter: add bytescomparestring — flag string(a)==string(b) where a,b are []byte by @github-actions[bot] in #44389
- Add formal checkout behavior specification for agent and safe_outputs jobs by @pelikhan with @Copilot in #44225
- [docs] docs: tighten MCP gateway guard-policy prose by @github-actions[bot] in #44365
- fix: broaden engine.driver schema description to match runtime multi-language support by @pelikhan with @Copilot in #44355
- [safe-output-integrator] Add missing safe-output type fixtures and Go test coverage (11 types) by @github-actions[bot] in #44405
- [dead-code] chore: remove dead functions — 1 function removed by @github-actions[bot] in #44330
- fix: pass GH_AW_SAFE_OUTPUTS to "Parse agent logs" step to activate graceful fallback by @pelikhan with @Copilot in #44354
- Normalize report body formatting rules across 11 reporting workflows by @pelikhan with @Copilot in #44314
- Bump MCP Gateway (mcpg) to v0.4.1 by @lpcox with @Copilot in #44403
- Schedule Smoke Copilot Sub Agents workflow to run daily by @pelikhan with @Copilot in #44443
- Align CLI docs and deprecation behavior for audit, status, experiments, and legacy
--disable-*flags by @pelikhan with @Copilot in #44312 - Refactor safe-outputs config parsing into focused workflow modules by @pelikhan with @Copilot in #44313
- SPDD 2026-07-08: close spec sync gaps and enforce add-flow rollback semantics by @pelikhan with @Copilot in #44358
- fix: expose erl in AWF sandbox when using runtimes.elixir by @pelikhan with @Copilot in #44283
- docs: FAQ entry for custom model pricing in agentic workflow frontmatter by @pelikhan with @Copilot in #44450
- Harden Claude startup failure handling for empty-log Avenger runs by @pelikhan with @Copilot in #44332
- perf(workflow): cut YAMLGeneration overhead in run-script expression guardrail by @pelikhan with @Copilot in #44438
- fix: reclaim root-owned sandbox firewall dirs to prevent EACCES on reused runners by @pelikhan with @Copilot in #44276
- fix: propagate RunnerConfig to detection job to fix arc-dind Copilot ENOENT by @pelikhan with @Copilot in #44445
- Add
checkout.safe-output-github-appsupport for safe_outputs checkout auth by @pelikhan with @Copilot in #44444
Full Changelog: v0.82.6...v0.82.7
v0.82.6
🌟 Release Highlights
This release focuses on correctness and reliability — fixing subtle bugs in workflow compilation, strengthening security defaults, and improving developer tooling with new ESLint rules and unit tests.
✨ What's New
-
ESLint rule:
no-github-request-interpolated-route— A new static analysis rule flags interpolated template literals and string concatenation in Octokit.request()route arguments. This prevents malformed URLs and enforces the typed placeholder syntax ({owner},{repo}) that GitHub's REST API expects. (#44268) -
Comment-memory support for deterministic jobs — Custom jobs and
on.stepsflows withrestore-memory: truenow correctly receive the comment-memory config, enabling deterministic steps to consume persisted memory before agent execution. (#44214)
🐛 Bug Fixes & Improvements
-
Safer lockdown defaults on API failure — When the
determine-automatic-lockdownstep cannot fetch repository visibility,sink-visibilitynow defaults to"public"(strict policy) instead of the previously unrecognized"unknown"value, preventing unpredictable guard policy behavior. (#44286) -
Detection job dependency fix —
engine.envvalues referencingneeds.<job>.outputs.*expressions now correctly propagate to thedetectionjob'sneedslist, preventing silent empty-string resolution at runtime. (#44202) -
Lockdown autodetection skip when guard policy is explicit — The
determine-automatic-lockdownstep is now skipped when guard policies are already statically configured in frontmatter, eliminating redundant runtime detection. (#44270) -
Deprecated output references cleaned up — All remaining uses of
needs.activation.outputs.{text,title,body}in tests and specs replaced with the currentsteps.sanitized.outputs.*form, eliminating spurious deprecation warnings. (#44255)
📚 Documentation
- Token type validation clarified — Auth reference docs now explicitly document that
COPILOT_GITHUB_TOKENandGH_AW_GITHUB_TOKENmust be fine-grained PATs. OAuth user tokens (gho_...) are intentionally rejected at activation with remediation guidance. (#44275, Learn more)
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
awmgmcpg
To allow these domains, add them to the
network.allowedlist in your workflow frontmatter:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
Generated by 🚀 Release · 24.6 AIC · ⊞ 7.6K
What's Changed
- [spec-extractor] Update package specifications for tty, types, typeutil, workflow by @github-actions[bot] in #44266
- fix: skip lockdown autodetection step when guard policy is explicitly configured by @pelikhan with @Copilot in #44270
- Replace deprecated
needs.activation.outputs.{text,title,body}withsteps.sanitized.outputs.*by @pelikhan with @Copilot in #44255 - fix: detection job missing engine.env job dependencies in needs list by @pelikhan with @Copilot in #44202
- Restore comment-memory config for deterministic memory-read jobs by @pelikhan with @Copilot in #44214
- refactor(workflow): rename same-name/different-semantics helpers to eliminate navigation confusion by @pelikhan with @Copilot in #44149
- [docs] Update documentation for features from 2026-07-08 by @github-actions[bot] in #44275
- [docs] Update glossary - daily scan by @github-actions[bot] in #44273
- feat(eslint): add no-github-request-interpolated-route rule by @pelikhan with @Copilot in #44268
- fix: default sink-visibility to "public" when repository visibility check fails by @pelikhan with @Copilot in #44286
- Add unit tests for StripANSI in pkg/stringutil by @pelikhan with @Copilot in #44277
Full Changelog: v0.82.5...v0.82.6
v0.82.5
🌟 Release Highlights
This release focuses on developer guardrails and code quality tooling, hardening ESLint rules, improving compile-time safety, and adding proactive security checks for credential hygiene.
✨ What's New
-
Workflow-edit guard for stale lock files — A lightweight CI guard now catches agents that edit
.github/workflows/*.mdwithout recompiling the corresponding.lock.yml. This surfaces CI failures early, before the heavyweightcheck-workflow-driftjob runs. (#44238) -
OAuth token detection in activation jobs — The activation job now flags
COPILOT_GITHUB_TOKENandGH_AW_GITHUB_TOKENvalues that are OAuth tokens (gho_...). OAuth tokens are over-provisioned user-scoped credentials unsuitable for automation, and early detection prevents hard-to-debug permission failures downstream. (#44204) -
Runtime sink-visibility —
sink-visibilityin the MCP guard policy config is now computed at runtime instead of baked in at compile time. This eliminates stale configs and removes the network call during compilation. (#44245)
🐛 Bug Fixes & Improvements
-
ESLint:
try/finallywithoutcatchtreated as unprotected —isInsideTryBlockwas returningtruefortry/finallyblocks with nocatchclause. Since a catch-lesstry/finallydoes not suppress thrown errors, these call sites are now correctly flagged. (#44256) -
ESLint:
require-fs-sync-try-catchcatches destructured and aliased fs bindings — The rule previously only matchedfs.method()call patterns, silently missing bindings introduced by destructuring (e.g.,const { appendFileSync } = fs) or aliasing. Unprotected file-system calls using these patterns are now correctly reported. (#44240) -
Designer:
dismiss-pull-request-reviewadded to Safe Output Mapping — The Designer Drift Audit had falsely flagged 15 missing network ecosystem identifiers due to a head-limit truncation bug, and one genuinely missing safe output type (dismiss-pull-request-review). Both are now fixed. (#44209) -
Go code gen:
string()cast emitted for named string types —writebytestringnow correctly emits astring(s)cast when writing named string types (e.g.,type MyStr string), fixing non-compiling generated code.RunWithSuggestedFixessupport was also added. (#44208)
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
awmgmcpg
To allow these domains, add them to the
network.allowedlist in your workflow frontmatter:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
Generated by 🚀 Release · 26 AIC · ⊞ 7.6K
What's Changed
- [jsweep] Clean compact_numbers.cjs — add comprehensive test suite by @github-actions[bot] in #44189
- fix(designer): add dismiss-pull-request-review to Safe Output Mapping; fix head limits in drift audit by @pelikhan with @Copilot in #44209
- feat: add lightweight workflow-edit guard for stale lock files by @pelikhan with @Copilot in #44238
- fix(writebytestring): emit string() cast for named string types; add RunWithSuggestedFixes by @pelikhan with @Copilot in #44208
- refactor: compute sink-visibility at runtime instead of compile time by @pelikhan with @Copilot in #44245
- Refactor
getOrCreateListRepoCloneinto focused helpers in parser remote file listing by @pelikhan with @Copilot in #44179 - [instructions] Sync instruction files with release v0.82.4 by @github-actions[bot] in #44252
- fix(eslint-factory): require-fs-sync-try-catch catches destructured and aliased fs bindings by @pelikhan with @Copilot in #44240
- fix(eslint-factory): treat try/finally without catch as unprotected in isInsideTryBlock by @pelikhan with @Copilot in #44256
- feat: detect OAuth tokens in activation job for COPILOT_GITHUB_TOKEN and GH_AW_GITHUB_TOKEN by @pelikhan with @Copilot in #44204
Full Changelog: v0.82.4...v0.82.5
v0.82.4
🌟 Release Highlights
This release focuses on memory step ordering reliability, security hardening, and compiler improvements that enhance the predictability and safety of agentic workflow execution.
✨ What's New
-
Memory stores available earlier in agent jobs —
cache-memory,repo-memory, andcomment-memoryare now restored before user-definedsteps:, ensuring your workflow steps always have access to memory context. Custom jobs also benefit from automaticrestore-memorystep injection (#44037, #43984, #43952). -
Deterministic dispatch gating — Memory stores are now exposed to
on.stepsin pre-activation, enabling more reliable conditional dispatch logic based on memory state (#44015). -
Sink visibility in compiled policies — Compiled write-sink guard policies now emit
sink-visibilitymetadata, improving auditability of what each job can write (#44154). -
Loopback MCP server isolation — Loopback HTTP MCP servers are now rejected in network isolation mode, strengthening the security boundary for isolated workflow runs (#44113).
-
Binary evaluations via BinEval — The compiler now supports an
evalsjob type for BinEval binary evaluations, enabling structured model evaluation pipelines (#43700). -
set_issue_fieldfield validation — Builtin fields are now refused inset_issue_fieldto prevent accidental overwrites of system-managed fields (#44170).
🐛 Bug Fixes & Improvements
-
Stale
/tmp/gh-awownership fixed — Root-owned temp directories are now reclaimed before AWF invocation, preventing permission errors in agent runs (#44022). -
arc-dind workspace mount — Removed the deprecated
--docker-host-path-prefixCLI flag and added an explicit workspace mount for the arc-dind topology, ensuring reliable container builds (#44145). -
Parser field population fix —
required-labelsandrequired-title-prefixfields are now correctly populated in theupdate-pull-requestandupdate-issueparsers (#44168). -
Security: safer installer pattern — Replaced
curl | shinstaller pipes with a download-then-verify pattern, eliminating a supply-chain risk (RGS-018) (#43716). -
CLI flag and docs consistency — Corrected
--yesverb,--direnv hint, and add-wizard documentation across 9 commands for a more consistent developer experience (#44050). -
SHA-pinned build-tools image — The firewall image for arc-dind topology is now SHA-pinned, ensuring reproducible and tamper-resistant builds (#44044).
📚 Documentation
- Clarified Quick Start terminology for frontmatter and
.lock.ymlto reduce onboarding confusion (#44079). - Trimmed cache-memory reference bloat and updated the glossary for cleaner, more focused documentation (#44088, #44010).
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
awmgmcpg
To allow these domains, add them to the
network.allowedlist in your workflow frontmatter:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
Generated by 🚀 Release · 25.5 AIC · ⊞ 7.6K
What's Changed
- fix: reclaim stale root-owned /tmp/gh-aw before AWF invocation by @lpcox in #44022
- Move comment-memory preparation before user
steps:in agent job by @pelikhan with @Copilot in #43952 - eslint-factory: detect catch-variable aliases in require-error-cause-in-rethrow by @pelikhan with @Copilot in #43966
- [instructions] Sync instruction files with release v0.82.2 by @github-actions[bot] in #43990
- [spec-extractor] Update package specifications for stringutil, styles, testutil, timeutil by @github-actions[bot] in #44007
- [docs] Update glossary - daily scan 2026-07-07 by @github-actions[bot] in #44010
- Update package specs for modelsdev, console, and logger by @pelikhan with @Copilot in #44047
- fix: SHA-pin build-tools firewall image for arc-dind topology by @lpcox with @Copilot in #44044
- [eslint-miner] eslint: add require-fs-sync-try-catch rule by @github-actions[bot] in #43994
- feat(go-gh): modernize go-gh API usage — drop gh.Exec for GraphQL, add timeouts, tidy DefaultRESTClient by @pelikhan with @Copilot in #43985
- Targeted custom-lint cleanup: append byte conversion, context propagation, error wrapping, and param-count reduction by @pelikhan with @Copilot in #43938
- Move cache-memory and repo-memory restore steps before user
steps:in agent job by @pelikhan with @Copilot in #43984 - Clarify Quick Start terminology for frontmatter and
.lock.ymlby @pelikhan with @Copilot in #44079 - [docs] docs: trim cache-memory reference bloat by @github-actions[bot] in #44088
- Route pdf-summary discussions to Audits category by @pelikhan with @Copilot in #44092
- refactor(workflow): extract helpers to fix function-length lint violations by @pelikhan with @Copilot in #44008
- fix(doc-healer): gate artifact constant check on actual artifact production by @pelikhan with @Copilot in #44134
- test(constants): table-driven assertions and extend octal-literal check to cmd/ by @pelikhan with @Copilot in #44114
- Add restore-memory step injection for custom jobs by @pelikhan with @Copilot in #44037
- fix: correct --yes verb, --dir env hint, and add-wizard docs across 9 commands by @pelikhan with @Copilot in #44050
- refactor: split logs_orchestrator.go (1284 lines) into 5 focused modules by @pelikhan with @Copilot in #44051
- [linter-miner] linters: add writebytestring — flag w.Write([]byte(s)) calls that should use io.WriteString by @github-actions[bot] in #44101
- Reduce BenchmarkValidation overhead by caching safe-output field order by @pelikhan with @Copilot in #44090
- Reject loopback HTTP MCP servers in network isolation mode by @pelikhan with @Copilot in #44113
- Extend envutil for bool/string access and remove direct CI bypasses by @pelikhan with @Copilot in #44097
- compiler: add evals job for BinEval binary evaluations by @pelikhan with @Copilot in #43700
- Expose memory stores to
on.stepsin pre-activation for deterministic dispatch gating by @pelikhan with @Copilot in #44015 - Emit
sink-visibilityin compiled write-sink guard policies by @lpcox with @Copilot in #44154 - fix(arc-dind): remove --docker-host-path-prefix CLI flag and add explicit workspace mount by @lpcox in #44145
- fix(security): replace curl|sh installer pipes with download+verify (RGS-018) by @pelikhan with @Copilot in #43716
- [log] Add debug logging to parser and workflow files by @github-actions[bot] in #44183
- [community] Update community contributions in README by @github-actions[bot] in #44171
- feat: refuse builtin fields in set_issue_field by @pelikhan with @Copilot in #44170
- Bump AWF to v0.27.27 and MCPG to v0.4.0 by @lpcox with @Copilot in #44173
- Replace hard-coded activation symlink path literals with named/shared path constants by @pelikhan with @Copilot in #44177
- fix: populate required-labels and required-title-prefix in update-pull-request and update-issue parsers by @pelikhan with @Copilot in #44168
Full Changelog: v0.82.3...v0.82.4
v0.82.3
🌟 Release Highlights
This release focuses on developer experience, security hardening, and compiler flexibility — delivering tighter CI guardrails, new safe-output primitives, and meaningful quality-of-life improvements across the toolchain.
✨ What's New
-
Compiler job dependency control —
jobs.<generated>.needscan now augment compiler-generated job dependencies, giving authors explicit control over execution order for generated jobs likeactivation,agent, andsafe_outputs(#43940) -
dismiss-reviewsafe output — Workflows can now programmatically dismiss their own PR reviews with actor-bound guards and required justification, enabling automated review lifecycle management (#43125) -
Native duplicate issue marking —
close-issuewithduplicate_ofnow creates a proper GitHub "marked as duplicate of #X" timeline entry instead of a plain comment (#43152) -
CI drift detection for lock files — A new CI check catches stale
.lock.ymlfiles when workflow markdown is edited without regenerating the corresponding lock files, preventing silent drift (#43747) -
Selective maintenance job opt-out —
maintenance.disabled_jobslets repositories omit specific agentics-maintenance jobs, avoiding unnecessary write scopes for issue-triage-only repos (#43300) -
Harness retry policy now configurable —
GH_AW_HARNESS_*env vars let workflows widen the retry window for Copilot/Claude harnesses during sustained API transients (#43051) -
Model inventory update — New model aliases (
kiwi,mai-code) added; 10 Copilot sub-agents upgraded fromsmallto newer model aliases for improved output quality (#43085, #43063)
🐛 Bug Fixes & Improvements
-
MCP server security hardening — HTTP MCP server now binds to
127.0.0.1only, closing a DNS-rebinding and cross-origin POST attack surface introduced by go-sdk v1.6.0 (#43766) -
Ctrl-C cancellation restored —
context.Contextthreaded through 8remote_fetch.goAPIs so Ctrl-C now properly cancels in-flight HTTP requests from any CLI command (#43128) -
Token double-charging fix — Cache-read tokens for the
github-copilotprovider were incorrectly counted twice; this is now corrected for accurate cost reporting (#43048) -
Token metrics restoration — Token usage metrics are now correctly restored even when
events.jsonlomitssession.shutdown.modelMetrics(#43007) -
Rate limit cancellation —
checkAndWaitForRateLimitis now context-cancellable, preventing stuck runs during Ctrl-C (#43848) -
gh aw trialGH_HOST support —--trigger-contextissue URLs now correctly honorGH_HOSTfor GitHub Enterprise Server deployments (#43729) -
safe-outputs manifest bundled — The safe-outputs-items manifest is now included in the usage artifact, restoring
SafeItemsCountvisibility in run reports (#43056)
📚 Documentation
-
Quick Start improvements — Frontmatter defined inline with
.lock.ymlsemantics surfaced as a callout; engine secret setup clarified (#43083, #43107) -
CLI reference expanded — Added "When to use" column to CLI commands summary table; enterprise guidance collapsed to reduce cognitive load (#43699, #43082)
-
Persona-driven authoring guide — New documentation covering persona-based workflow authoring and ad hoc scenario evaluation (#43050)
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
awmgmcpg
To allow these domains, add them to the
network.allowedlist in your workflow frontmatter:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
Generated by 🚀 Release · 33.4 AIC · ⊞ 7.6K
What's Changed
- Honor NO_COLOR/color-profile degradation for Lip Gloss v2 output paths by @pelikhan with @Copilot in #42945
- Surface canonical
dispatch-repositorykey in frontmatter full reference by @pelikhan with @Copilot in #43009 - [docs] docs: trim repetitive glossary entries by @github-actions[bot] in #43019
- fix(lint-monster): eliminate os.Getenv coupling in compilerenv and action_mode by @pelikhan with @Copilot in #42984
- Strengthen codemod registry coverage by asserting all registered IDs by @pelikhan with @Copilot in #43008
- Fix CLI consistency issues in lint, mcp, and secrets commands by @pelikhan with @Copilot in #42982
- Restore token usage metrics when
events.jsonlomitssession.shutdown.modelMetricsby @pelikhan with @Copilot in #43007 - compiler: inject missing model pricing from models.dev at compile time by @pelikhan with @Copilot in #43003
- refactor(copilot-sdk): multi-provider only — remove single-provider legacy by @pelikhan with @Copilot in #42740
- compilerenv: remove constructor panic to satisfy custom Go lint by @pelikhan with @Copilot in #43044
- Suppress CodeQL
js/http-to-file-accessinensure-docs-slide-pdf.jswith explicit trust-boundary rationale by @pelikhan with @Copilot in #43049 - Document persona-driven workflow authoring and ad hoc scenario evaluation by @pelikhan with @Copilot in #43050
- Refresh AWF container digests and recompile workflow lockfiles by @pelikhan with @Copilot in #43060
- feat(models): 2026-07-03 model inventory update — new models, alias additions, mirror sync by @pelikhan with @Copilot in #43063
- Trim
search_repositoriestoken cost with explicit small-page pagination in workflow prompts by @pelikhan with @Copilot in #43055 - Harden temp writes in safe-output evaluation script by @pelikhan with @Copilot in #43054
- Reduce ambient prompt bloat in core analysis workflows by @pelikhan with @Copilot in #43053
- fix: stop double-charging cache-read tokens for github-copilot provider by @pelikhan with @Copilot in #43048
- fix: prevent tool denial failures in daily-agent-of-the-day-blog-writer by @pelikhan with @Copilot in #43070
- feat: migrate 10 copilot sub-agents from
smalltokiwi/mai-codeby @pelikhan with @Copilot in #43085 - Quick Start: define frontmatter inline and surface
.lock.ymlsemantics as a callout by @pelikhan with @Copilot in #43083 - refactor: split compiler_types.go grab-bag into workflow_data.go and safe_outputs_config.go by @pelikhan with @Copilot in #43071
- Docs: reduce CLI page cognitive load by collapsing enterprise guidance by @pelikhan with @Copilot in #43082
- fix(safe-outputs): bundle safe-outputs-items manifest into usage artifact to restore SafeItemsCount by @pelikhan with @Copilot in #43056
- fix: pass GITHUB_SHA to safe-outputs MCP server container by @pelikhan with @Copilot in #43106
- [log] Add debug logging to import-path and pricing resolution by @github-actions[bot] in #43109
- Fail fast on empty safeoutputs schema and add Copilot soft-time convergence guard by @pelikhan with @Copilot in #43057
- fix: hard-bake workflow ID in workflow_call concurrency group to prevent deadlock by @pelikhan with @Copilot in #43078
- Home page: move Public Preview notice into hero with warning callout styling by @pelikhan with @Copilot in #43081
- [jsweep] Clean tool_call_details.cjs by @github-actions[bot] in #43111
- Clarify Quick Start workflow source and engine secret setup by @pelikhan with @Copilot in #43107
- Add centralized
/souschefPR command routing to PR Sous Chef by @pelikhan with @Copilot in #43119 - Refactor main-job runtime setup orchestration to reduce largefunc backlog by @pelikhan with @Copilot in #43105
- fix(daily-yamllint-fixer): add testdata/** to allowed...
v0.82.2
🌟 Release Highlights
This release focuses on ARC/DinD (Actions Runner Controller + Docker-in-Docker) reliability, expanded skills: frontmatter capabilities, and a wave of quality improvements to ESLint rules, safe-outputs, and the Windows CI matrix.
✨ What's New
-
ARC/DinD topology is now fully supported. Three coordinated fixes (#42815, #42855, #42906) redirect runtime-critical paths to daemon-visible locations (
${RUNNER_TEMP}/gh-aw), redirectDOTNET_INSTALL_DIRandGOPATH, and pre-create required mount directories — so compiled workflows run reliably on ARC/DinD runners without path-visibility failures. Requires AWF firewall ≥ v0.27.22. -
Per-skill GitHub auth in
skills:frontmatter. Each skill entry can now carry its owngithub-tokenorgithub-appcredential, enabling multi-org or multi-repo skill installs with distinct authentication. (#42594) -
Runtime reviewers, team-reviewers, and assignees in
create-pull-request. Reviewer and assignee fields now accept template expressions resolved at runtime — routing the created PR to the triggering actor or any dynamically computed value. (#42621) -
PR Sous Chef auto-dismisses stale bot reviews. After an agent addresses feedback,
pr-sous-chefcan now dismiss staleCHANGES_REQUESTEDreviews fromgithub-actions[bot], letting PRs proceed without manual cleanup. (#42626) -
reasoning_depthA/B experiment inplanworkflow. A three-variant experiment (shallow,baseline,deep) measures whether lighter or deeper prompts improve sub-issue quality and cost. (#42955)
🐛 Bug Fixes & Improvements
- Safe-outputs pre-flight full-branch validation — the
allowed_filescheck now validates the full commit history reachable from a pushed ref, preventing false-safe pushes when older commits touched.github/workflows/. (#42585) - Skill install failures surface as agent failure context — when
gh skill installfails, the failure is detected and attached to the agent's failure context for clearer diagnostics. (#42642) - BYOK provider inheritance for sub-agents — fixes sub-agents not inheriting the BYOK provider from the headless sidecar environment. (#42613)
- Windows
cmd/directquoting fix — resolves a .NET vscmd.exequote escaping mismatch causingcmd/directscenario failures in the Windows CI matrix. (#42951) - Workspace wipe prevention during local-actions checkout — generated checkout steps now include
clean: falseso.gitstate is preserved for subsequent local-action post-steps. (#42611) - ESLint rule improvements —
no-unsafe-promise-catch-error-propertybrought to parity with its sibling rule, null-safe companion requirement fortypeof err === "object"catch guards, and newrequire-async-entrypoint-catchrule. (#42953, #42568, #42935) timesleepnocontextlinter boundary fix — stops incorrectly crossing non-Go/deferFuncLitboundaries when attributingtime.Sleepcalls. (#42946)
📚 Documentation
skills:frontmatter reference — new documentation covering pinned refs, per-skill auth, and a real-world complex example. (#42747)- Safe outputs reference slimmed down — the safe outputs reference is now significantly shorter and easier to scan. (#42814)
app:→github-app:migration completed —gh aw fixnow covers top-levelapp:blocks in addition to nested occurrences. (#42794)
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
awmgmcpg
To allow these domains, add them to the
network.allowedlist in your workflow frontmatter:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
Generated by 🚀 Release · 42.4 AIC · ⊞ 7.7K
What's Changed
- fix(pr-code-quality-reviewer): prevent timeout by launching grumpy-coder early by @pelikhan with @Copilot in #42583
- doc-healer/doc-updater: classify site-build/UI issues as non-content, skip them from docs-PR path by @pelikhan with @Copilot in #42590
- Align sandbox integration tests with rootless AWF command default by @pelikhan with @Copilot in #42606
- Add
tone_variantA/B campaign tobreaking-change-checkerworkflow by @pelikhan with @Copilot in #42597 - Promote errortypeassertion and execcommandwithoutcontext to blocking CI gate by @pelikhan with @Copilot in #42580
- fix(eslint-factory): require-parseInt-radix false negative on radix 0/undefined by @pelikhan with @Copilot in #42581
- fix: detect "no model endpoints available" as http_400_response_error by @pelikhan with @Copilot in #42593
- eslint-factory: require null-safe companion for
typeof err === "object"catch guards by @pelikhan with @Copilot in #42568 - fix: wire BYOK provider into headless sidecar env so sub-agents inherit it by @pelikhan with @Copilot in #42613
- docs: add opt-in, participant-targeted recruitment banner to Starlight docs by @pelikhan with @Copilot in #42595
- Prevent workspace wipe during local-actions checkout in generated workflows by @pelikhan with @Copilot in #42611
- Refactor schema compilation to use a single shared helper by @pelikhan with @Copilot in #42614
- build(deps-dev): bump starlight-github-alerts from 0.3.0 to 0.4.0 in /docs by @dependabot[bot] in #42462
- build(deps): bump mermaid from 11.15.0 to 11.16.0 in /docs by @dependabot[bot] in #42459
- build(deps-dev): bump prettier from 3.8.4 to 3.9.4 in /actions/setup/js by @dependabot[bot] in #42458
- build(deps): bump starlight-blog from 0.26.1 to 0.27.0 in /docs by @dependabot[bot] in #42455
- build(deps-dev): bump vite from 8.0.16 to 8.1.0 in /actions/setup/js by @dependabot[bot] in #42456
- [community] Update community contributions in README by @github-actions[bot] in #42616
- Support per-skill GitHub auth in frontmatter
skillsby @pelikhan with @Copilot in #42594 - PR Sous Chef: dismiss stale
github-actions[bot]blocking reviews after feedback is addressed by @pelikhan with @Copilot in #42626 - docs: move trigger decision matrix to triggers.md, add coverage/digest fallback guidance by @pelikhan with @Copilot in #42618
- Extend windows-cli-integration scenario matrix: add cmd/direct and path-launch for non-default shells by @pelikhan with @Copilot in #42622
- Add clean: false to agentics-maintenance.yml checkout steps by @pelikhan with @Copilot in #42623
- compact Test Quality Sentinel report template (~480 chars saved) by @pelikhan with @Copilot in #42633
- Add improvement issue creation to daily GEO optimizer by @pelikhan with @Copilot in #42635
- fix(pr-sous-chef): use
sonnetalias for pr-processor sub-agent to resolve HTTP 400 by @pelikhan with @Copilot in #42634 - feat(uk-ai-resilience): create up to 2 labeled issues for top-priority findings by @pelikhan with @Copilot in #42636
- [log] Add debug logging to 5 pkg/ files by @github-actions[bot] in #42640
- refactor: extract helpers to bring 3 functions under the 60-line largefunc limit by @pelikhan with @Copilot in #42624
- refactor: skip gh CLI upgrade when already at minimum version for skill support by @pelikhan with @Copilot in #42639
- [code-simplifier] simplify: reduce duplication in discussion comment handlers by @github-actions[bot] in #42641
- safe-outputs: pre-flight workflow scope check + full-branch allowed_files validation by @pelikhan with @Copilot in #42585
- Improve time-delta validation diagnostics to satisfy error-message lint quality by @pelikhan with @Copilot in #42651
- Cover wasm-only files in custom li...
v0.82.1
🌟 Release Highlights
v0.82.1 focuses on a major dashboard overhaul, new workflow authoring primitives, expanded static analysis coverage, and reliability fixes across the compiler and runtime.
⚠️ Behavioral Change: sandbox.agent.sudo Defaults to false
The global default for sandbox.agent.sudo has changed from true to false (network isolation / rootless mode). Workflows that relied on elevated sandbox access must now explicitly set sandbox.agent.sudo: true. This aligns the default with the recommended security posture.
✨ What's New
-
Frontmatter
skillssupport — Workflows can now declare SHA-pinned skills directly in frontmatter. At activation time,gh awautomatically installs them viagh skill installand wires them into the engine. Learn more (#42426, #42543) -
Model policy controls — New
models.allowedandmodels.disallowedfrontmatter fields let you restrict which AI models a workflow can use, with environment-variable overrides for flexibility. (#41824) -
ARC/DinD rootless topology —
runner.topology: arc-dindis now a first-class frontmatter option, enabling GitHub ARC runners with Docker-in-Docker rootless execution. (#42371) -
brandingfield inaw.yml— Package manifests can now include a GitHub Actionsbrandingblock without failing schema validation. (#42454) -
Per-model Copilot SDK
wireApi— Updated for Copilot SDK v1.0.4's multi-provider BYOK registry, where transport behavior can vary by model. (#42497)
🖥️ Dashboard Overhaul
The agentic workflows dashboard received extensive polish this release:
- TypeScript migration — Backend modules migrated from ESM
.mjsto strict TypeScript, eliminating allanytypes and narrowingunknown(#42321, #42353) - Bundled into single artifacts — Alpine.js and Node.js code are now bundled into self-contained
app.js— no external CDN dependencies (#42300, #42352) - Skeleton loaders & spinners — Loading states are now visually communicated while runs and definitions fetch (#42345)
- Cross-session log caching — Downloaded logs are cached in a shared user-level directory, reducing redundant fetches (#42349)
- Compact single-line rows — Definitions and Runs lists now render in tighter, more scannable single-line format (#42344)
- Missing
ghbinary detection — Dashboard shows a targeted install prompt when theghCLI is not found (#42303) - Fixed hang on inherited handles — Detached spawn prevents
gh awfrom hanging when dashboard subprocess inherits stdio handles (#42311)
🐛 Bug Fixes & Improvements
- Fixed concurrent schedule overlap —
every N minutescron expressions are now scattered across different offsets, preventing all same-interval workflows from firing simultaneously (#42524) - Hardened API fallbacks — Unauthenticated
api.github.comcalls now carry a 30-second timeout and request context, eliminating potential goroutine hangs during compilation (#42521) - Fixed AWF access.log path — Firewall log analysis now correctly finds
access.login thesquid-logs/subdirectory (#42513) - Codex retry loop fix — Codex harness no longer retries on TPM exhaustion or unfinished-goal errors, avoiding run quota drain (#42420)
- Better engine typo detection — Invalid
engine:values now surface as the primary error rather than being masked by downstream schema failures (#42235) - Auto-derive checkout
path:— Compiler now warns and auto-derives thepath:for cross-repo checkout entries where it was missing (#42257)
🔍 New Static Analysis Rules
sprintfintGo linter — Flagsfmt.Sprintf("%d", x)wherexisint, suggestingstrconv.Itoafor clarity (#42538)errortypeassertionGo analyzer — Catches directerror-to-concrete type assertions and steers code towarderrors.As(#42323)httpnoctxenhancement — Now detects thehttp.NewRequest(...)+client.Do(req)path, not just helper functions (#42536)- ESLint
no-core-setoutput-non-string— Flags non-string values passed tocore.setOutput, preventing type coercion bugs in Actions JavaScript (#42453)
📚 Documentation
- Aligned
gh awCLI help text with docs forversion,deploy,strict, andsecretsflags (#42496) - Streamlined MemoryOps guide and troubleshooting common issues pages (#42533, #42308)
- Added
sandbox.agent.sudoglossary entry documenting the AWF privilege model (#42466)
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
awmgmcpg
To allow these domains, add them to the
network.allowedlist in your workflow frontmatter:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
Generated by 🚀 Release · 64.3 AIC · ⊞ 7.7K
What's Changed
- Use Sonnet consistently in pr-sous-chef by @pelikhan with @Copilot in #42292
- feat: add audit logging to comment_release_prs job by @pelikhan with @Copilot in #42306
- [docs] docs: unbloat troubleshooting common issues by @github-actions[bot] in #42308
- Skip
signed/jsweep/*branches in PR Description Updater by @pelikhan with @Copilot in #42296 - Refactor forecast command into focused modules and isolate render helper tests by @pelikhan with @Copilot in #42274
- fix(dashboard): button group styling and Alpine.js FOUC prevention by @pelikhan with @Copilot in #42309
- fix(aw-dashboard): use detached spawn to prevent gh-aw hang on inherited handles by @pelikhan in #42311
- Add maintenance view to the agentic workflows dashboard by @pelikhan with @Copilot in #42297
- Scale MCP logs timeout for larger fetch windows by @pelikhan with @Copilot in #42295
- feat(dashboard): detect missing gh binary and show targeted install prompt by @pelikhan with @Copilot in #42303
- fix(contribution-check): eliminate E002 safe-output collisions and retry loops by @pelikhan with @Copilot in #42316
- docs(aw): add compliance and design-governance patterns to authoring guidance by @pelikhan with @Copilot in #42315
- Bundle Alpine.js into the dashboard extension by @pelikhan with @Copilot in #42300
- Simplify
gh aw statustable output by @pelikhan with @Copilot in #42312 - Prioritize invalid engine typos over downstream schema/import failures by @pelikhan with @Copilot in #42235
- Honor global mention allowlists in add-comment sanitization by @pelikhan with @Copilot in #42313
- Normalize report-style prompts in Priority 1 workflows (h3+ headers +
<details>guidance) by @pelikhan with @Copilot in #42324 - Migrate dashboard backend modules from ESM
.mjsto strict TypeScript by @pelikhan with @Copilot in #42321 - Allow
create_pull_requestbundle transport to fall back when branch pinning is unavailable by @pelikhan with @Copilot in #42318 - dashboard: memoize binary detection and robust JSON parsing by @pelikhan in #42334
- fix(dashboard): alert box spacing and scrollbar polish by @pelikhan with @Copilot in #42335
- dashboard: add left margin to Counter badges by @pelikhan with @Copilot in #42337
- dashboard: structured logging, fix cwd/spawn bugs, add build:ts + AGENTS.md by @pelikhan in #42338
- Extract shared SafeOutputAllowBlockConfig across safe-output handlers by @pelikhan with @Copilot in #42322
- dashboard: compact single-line rows for Definitions and Ru...
v0.82.0
🌟 Release Highlights
This release brings a new Copilot Canvas extension for agentic workflow operations, significant dashboard improvements, experimental LSP frontmatter support, and an expanded ESLint Factory with new safety rules.
✨ What's New
-
🎨 Copilot Canvas Extension — A new project-scoped GitHub Copilot canvas extension (
agentic-workflows-dashboard) lets you browse workflow definitions and runs, review safe markdown step summaries, and dispatch workflows directly from the Copilot chat panel. (#42137) -
📊 Dashboard: Experiments Tab — The dashboard canvas now surfaces A/B experiment branch data via a dedicated Experiments tab backed by
gh aw experiments list. (#42213) -
📈 Dashboard: Usage Reporting & Continuation-Aware Log Windows — Run details now include token usage reporting and context-aware log windows that track continuation state. (#42226)
-
🔬 Dashboard: Audit Data with Progressive Disclosure — Run detail panels now surface structured audit data inline, with progressive disclosure to keep the view clean. (#42269)
-
🛠️ LSP Frontmatter Support (Experimental) — Workflows can now declare
lsp:frontmatter configuration so Copilot CLI automatically receives generatedlspServersconfig and required server dependencies during agent setup. Non-Copilot engines fail fast with a clear error. (#41777) -
📏 ESLint Factory — New Safety Rules — Three new rules land in the ESLint Factory:
no-unsafe-catch-error-property(flags unsafe.message,.stack,.status,.cause,.nameaccess),no-unsafe-promise-catch-error-property(same for promise.catch()callbacks), andrequire-parseInt-radix(enforces explicit radix argument). (#42057, #42221, #41961) -
🔁 Templatable
report-failure-as-issue— Reusable workflows can now parameterize thesafe-outputs.report-failure-as-issuefield without post-compile lock-file edits, enabling flexible failure reporting across shared workflow definitions. (#41821) -
📁 Repo-Local Instruction Overlays — Installed
gh-awagents now support repo-local instruction overlay files, allowing per-repository customization of agent behavior without forking upstream workflows. (#42053)
🐛 Bug Fixes & Improvements
- Safe-outputs
set_issue_type— Fixed incorrect GraphQL query and field name in theset_issue_typeintent path. (#42232) - MCP Gateway config — Fixed invalid JSON escape sequences in GitHub remote MCP gateway config generation. (#41864)
- Setup cleanup —
gh aw setupnow properly cleans up root-owned/tmp/awf-*-chroot-homedirectories. (#41852) - Copilot HTTP 400 failures — HTTP 400 responses from Copilot are now surfaced in workflow conclusions rather than silently discarded. (#42228)
dispatch-repositorykey — Enforced canonicaldispatch-repositorysafe-output key and deprecated the underscore aliasdispatch_repository. (#42150)- Audit job steps — Structured audit output now correctly populates individual job step data. (#42222)
- Enterprise host context — Enterprise host configuration is now properly propagated into the curated DIFC/CLI proxy environment. (#41912)
📚 Documentation
- Corrected
gh aw mcp addargument order in the setup guide. (#42272) - Added dedup checklist, PR escalation guidance, and linked-reference patterns to developer docs. (#42111)
- Added Agent Finder discovery guidance with direct REST API examples for skill selection. (#42078)
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
awmgmcpg
To allow these domains, add them to the
network.allowedlist in your workflow frontmatter:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
Generated by 🚀 Release · 35.4 AIC · ⊞ 7.7K
What's Changed
- fix: apply_samples derivePrHeadRef uses target-repo config for siderepo PR lookups by @dsyme with @Copilot in #41295
- Enable templatable
report-failure-as-issueand shared-workflow propagation by @pelikhan with @Copilot in #41821 - Add nolint suppression parity for 5 remaining gh-aw analyzers by @pelikhan with @Copilot in #41849
- fix(fmterrorfnoverbs): treat %% as escaped literal, not a real verb by @pelikhan with @Copilot in #41850
- [instructions] Sync instruction files with release v0.81.6 by @github-actions[bot] in #41871
- [spec-extractor] Update package specifications for envutil, fileutil, gitutil, logger by @github-actions[bot] in #41873
- [docs] Consolidate developer specifications: v9.19 maintenance tone scan by @github-actions[bot] in #41887
- [docs] Update editor preview screenshots – 2026-06-27 by @github-actions[bot] in #41868
- Fix invalid JSON escapes in GitHub remote MCP gateway config generation by @pelikhan with @Copilot in #41864
- Bump Claude Code to 2.1.195 and Codex to 0.142.3 by @pelikhan with @Copilot in #41865
- fix(log_parser_bootstrap): guard Claude guardrail with safeOutputEntriesCount escape hatch by @pelikhan with @Copilot in #41886
- fix(setup): clean up root-owned /tmp/awf-*-chroot-home directories by @pelikhan with @Copilot in #41852
- Gate CI coverage uploads behind code-quality opt-in variable by @pelikhan with @Copilot in #41922
- Add Copilot-only
lspfrontmatter support with schema, codegen, engine guardrails, and LSP instructions (experimental) by @pelikhan with @Copilot in #41777 - Strengthen anomaly detector edge coverage and remove order-dependent test behavior by @pelikhan with @Copilot in #41916
- [linter-miner] linter: add httpstatuscode analyzer — flag magic HTTP status code literals by @github-actions[bot] in #41914
- [formal-spec] Add OTEL observability formal compatibility test suite (v0.4.0 L1/L2) by @pelikhan with @Copilot in #41906
- Add run-again footer hints for slash and label command triggers by @pelikhan with @Copilot in #41920
- refactor: extract shared CLI engine execution logic; make Pi backend resolution configurable by @pelikhan with @Copilot in #41921
- fix(changeset): restrict safe-outputs allowed-files to .changeset/*.md by @pelikhan with @Copilot in #41937
- [caveman] Optimize instruction verbosity — memory.md, mcp-clis.md (2026-06-27) by @github-actions[bot] in #41943
- safeoutputs: disambiguate
submit_pull_request_review.eventfromactionby @pelikhan with @Copilot in #41948 - Establish ESLint Linter Factory for actions/setup/js and add dedicated ESLint daily workflows by @pelikhan with @Copilot in #41938
- pr-sous-chef: auto-resolve outdated addressed review threads via thread-resolver sub-agent by @pelikhan with @Copilot in #41959
- feat(ambient-context): trim prompt size in daily-code-metrics, test-quality-sentinel, smoke-copilot-aoai-entra by @pelikhan with @Copilot in #41960
- eslint-factory: add hasSuggestions, enriched diagnostic message, and try/catch suggest fix by @pelikhan with @Copilot in #41966
- [eslint-miner] feat(eslint): add require-parseInt-radix rule — ESLint Miner 2026-06-27 by @github-actions[bot] in #41961
- Clarify LSP capabilities and prompt patterns in
lsp.mdfor authoring efficiency by @pelikhan with @Copilot in #41977 - Add ready_for_review workflow for Impeccable (needex) skills-based PR review by @pelikhan with @Copilot in #41978
- Moving ESLint factory to new location by @pelikhan with @Copilot in #41975
- eslint-factory: fix require-json-parse-try-catch to catch computed JSON["parse"] access by @pelikhan with @Copilot in #42000
- Bump gh-aw-firewall to v0.27.12 and gh-aw-mcpg to v0.3.31 by @lpcox with @Copilot in...
v0.81.6
🌟 Release Highlights
This release focuses on stability and observability — restoring broken fleet-wide token tracking, hardening CI quality gates, and adding release traceability for merged PRs.
✨ What's New
- Release PR notifications — A new post-agent release job now automatically comments on every PR included in each release, making it easy to trace which release shipped your changes (#41834).
- Loop engineering playbook —
.github/aw/loop.mdcodifies patterns from autoloop, goal, and crane into a unified reference for building robust agentic loops (#41833). - Benchstat regression gate — The CI bench job now compares against a stored baseline using
benchstat, preventing silent performance regressions from merging (#41813).
🐛 Bug Fixes & Improvements
- Restored fleet-wide token usage collection —
TokenUsagehad been reporting0across the entire fleet since June 20 due to two co-conspirating bugs in the conclusion job. Both are fixed, restoring accurate AI credit tracking (#41823). - Security: pinned
govulnchecktogo.modversion — CI vulnerability scans now use the exact version declared ingo.modand produce reproducible SARIF reports. A localmake vuln-sariftarget is also available (#41815). - Hardened BYOK Ollama startup — The daily BYOK Ollama test now gates on explicit model and API readiness before proceeding, eliminating pre-agent failures from incomplete startup (#41838).
- Stabilized Go Logger Enhancement compile — Fixed exit code 126 caused by unsafe shell glob expansion in the workflow tool allowlist (#41840).
- Enforced safe output completion in quality workflow — The daily compiler quality workflow now requires an explicit safe output call, preventing silent no-op runs (#41841).
🔧 Internal
- Refactored 5 extreme function-length hotspots (145–650 lines) in
pkg/workflowandpkg/cliinto focused, testable units (#41800). - SortedKeys sweep and deduplication logic consolidation across the codebase (#41829).
Generated by 🚀 Release · 32.9 AIC · ⊞ 8.3K
What's Changed
- refactor: split 5 extreme function-length hotspots in pkg/workflow and pkg/cli by @pelikhan with @Copilot in #41800
- fix(security): pin govulncheck to go.mod version in CI, add local SARIF target by @pelikhan with @Copilot in #41815
- Add benchstat regression gate to CI bench job by @pelikhan with @Copilot in #41813
- fix(token-usage): restore fleet-wide TokenUsage collection via non-empty copy guard and correct priority order by @pelikhan with @Copilot in #41823
- Add post-agent release job to comment on PRs included in each release by @pelikhan with @Copilot in #41834
- [community] Update community contributions in README by @github-actions[bot] in #41836
- Require explicit safe output completion in daily compiler quality workflow by @pelikhan with @Copilot in #41841
- Harden Daily BYOK Ollama startup path with explicit model/API readiness gating by @pelikhan with @Copilot in #41838
- [aw] Stabilize Go Logger Enhancement compile invocation by @pelikhan with @Copilot in #41840
- refactor: SortedKeys sweep, deduplicate dedup logic, redistribute misplaced helpers by @pelikhan with @Copilot in #41829
- Add
.github/aw/loop.mdplaybook synthesizing loop-engineering patterns from autoloop/goal/crane by @pelikhan with @Copilot in #41833
Full Changelog: v0.81.5...v0.81.6
v0.81.5
🌟 Release Highlights
This release focuses on org-mode maturity, performance optimizations, and sandbox hardening — making gh aw update/upgrade --org more robust and production-ready while delivering meaningful speed improvements across the compiler and validator.
✨ What's New
-
Action-pin mapping in
aw.json(#41579) — Define action-pin overrides directly in youraw.jsonconfiguration, giving you centralized control over pinned action versions. -
manifest-versionnow optional inaw.yml(#41687) — Reduces boilerplate in new workflow files; the field is inferred when omitted. -
Non-TTY fallback for
gh aw addwizard (#41717) — The interactive add wizard now gracefully falls back to text prompts in non-interactive environments (CI, scripts), unblocking automation pipelines. -
Org-mode improvements for
update/upgrade --org(#41617, #41627, #41719) — Workflow-targeted updates, repo prefiltering, version-tag display, unified repo discovery, and per-repo confirmation prompts (with--yesfor CI). The--orgflag is now significantly more useful for managing fleets of repositories. -
Sandbox hardening at 50% baseline (#41786) — Half of all eligible agentic workflows now run with
sandbox.agent.sudo: false, reducing the blast radius of runaway agent steps. -
Daily detection analysis report workflow (#41802) — New built-in workflow that generates automated detection analysis reports.
⚡ Performance
- Lazy-loaded embedded JSON datasets (#41587) — Embedded compile-time JSON is no longer loaded at startup, reducing memory footprint for CLI commands that do not compile.
- Lazy-loaded GitHub toolset permissions (#41755) — Loaded via
sync.Onceso permission data is only read when needed. - Cached regexp in
applySanitizePattern(#41762) — Eliminates repeated regex compilation on hot code paths. - Faster
ParseWorkflow(#41772) — Model-alias cycle detection overhead reduced.
🐛 Bug Fixes & Improvements
- Secret double-escape fix (#41801) — Custom MCP server env/header secrets are no longer double-escaped in generated lock files.
- Agent-supplied branch accepted in
push_to_pull_request_branch(#41654) — Fixes a regression where agent-provided branch names were rejected. - MODEL_NOT_SUPPORTED detection extended (#41792) — The pattern now catches 404 "Model not found" responses, improving resilience for unsupported model errors.
- Bundle manifest path resolution (#41790) —
.github/paths are now resolved as repo-root-relative in nested bundle manifests. - MCP post-completion relaunch is non-fatal (#41713) — A failed MCP server relaunch after job completion no longer fails the workflow.
- PR Sous Chef cooldown (#41759) — Prevents back-to-back comments by enforcing a 30-minute cooldown.
- Harness exits cleanly (#41675) — Exits with code 0 when expected safe-outputs were already produced, even when subsequent steps encounter permission-denied errors.
GH_AW_POLICY_STRICTenforced at runtime (#41682) — Non-strict compiled workflows now properly respect the strict policy flag at runtime.
📚 Documentation
- Blog: Custom Linters, Sergo, Linter Miner & LintMonster (#41663) — A new blog post walking through the custom linter ecosystem. Read it →
gh aw envgovernance guide (#41758) — New documentation covering defaults and scope inheritance for environment configuration.
Generated by 🚀 Release · 41.2 AIC · ⊞ 8.3K
What's Changed
- Add action-pin mapping support in aw.json by @pelikhan with @Copilot in #41579
- pkg/workflow: lazy-load embedded JSON datasets used only at compile-time paths by @pelikhan with @Copilot in #41587
- feat: add XML markers, deduplication, labels, and release links to org runner PRs/issues by @pelikhan with @Copilot in #41580
- fix: resource lifecycle and context propagation (lint-monster) by @pelikhan with @Copilot in #41589
- Replace lint-monster path literals with repository constants in CLI/workflow codepaths by @pelikhan with @Copilot in #41611
- [UX] Professionalize Architecture Guardian safe-output status messages by @pelikhan with @Copilot in #41612
- [jsweep] Clean update_context_helpers.cjs by @github-actions[bot] in #41608
- fix: accept agent-supplied branch in push_to_pull_request_branch (fixes #41643) by @dsyme in #41654
- fix: replace deprecated gpt-5-mini with gpt-5.4-mini in daily-model-resolution workflow by @pelikhan with @Copilot in #41625
- Enable sandbox.agent.sudo: false on 20 agentic workflows by @pelikhan with @Copilot in #41628
- [docs] Update glossary - daily scan by @github-actions[bot] in #41657
- [spec-extractor] Update package specifications for agentdrain, cli, console, constants by @github-actions[bot] in #41653
- [code-scanning-fix] Fix js/http-to-file-access: validate Content-Type and size for LFS PDF download by @github-actions[bot] in #41635
- Update
gh aw update --orgto support workflow-targeted updates and repo prefiltering by @pelikhan with @Copilot in #41617 - panicinlibrarycode: enforce FuncLit boundaries for init/doc panic exemptions by @pelikhan with @Copilot in #41631
- [instructions] Sync instruction files with release 0.81.4 by @github-actions[bot] in #41644
- Replace AWF runtime Python patch with shared JavaScript helper by @pelikhan with @Copilot in #41623
- Add blog post on custom linters, Sergo, Linter Miner, and LintMonster by @pelikhan with @Copilot in #41663
- reduce instructions-janitor max lines target from 500 to 400 by @pelikhan with @Copilot in #41673
- Retry one completed Copilot BYOK proxy auth failure as a fresh run by @pelikhan with @Copilot in #41629
- Make manifest-version optional in aw.yml by @pelikhan with @Copilot in #41687
- Harden API consumption log collection against continuation timeouts by @pelikhan with @Copilot in #41676
- [spec-enforcer] Enforce specifications for setutil by @github-actions[bot] in #41684
- Refactor duplicated key sorting, engine env assembly, and engine max-* codemods by @pelikhan with @Copilot in #41674
- fix(harness): exit 0 when expected safe-outputs already produced despite numerous permission-denied by @pelikhan with @Copilot in #41675
- improve update/upgrade --org: version tags, current version display, unified repo discovery by @pelikhan with @Copilot in #41627
- Fix go-logger preflight manifest generation failing on jq filter quoting by @pelikhan with @Copilot in #41695
- fix(USE-001): add standardized error codes to pr_review_buffer and set_issue_type handlers by @pelikhan with @Copilot in #41692
- Enforce
GH_AW_POLICY_STRICTat runtime for non-strict compiled workflows by @pelikhan with @Copilot in #41682 - parser: add schema validation tests for sandbox.agent.sudo (regression guard for #41679) by @dsyme with @Copilot in #41681
- logs: populate
messagefield with actionable guidance when no runs found by @pelikhan with @Copilot in #41693 - docs: resolve spec audit — pkg/intent spec, actionpins Mappings field, linters 4 new subpackages by @pelikhan with @Copilot in #41723
- fix: post-completion MCP relaunch failure is non-fatal; audit-diff surfaces removed denied domains by @pelikhan with @Copilot in #41713
- Normalize report-format guidance across non-compliant agentic workflows by @pelikhan with @Copilot in #41728
- Harden Super Linter workflow against generated-summary linting and log art...